curl / Mailing Lists / curl-library / Single Mail

curl-library

libcurl truncating long cookies?

From: Kevin Smith via curl-library <curl-library_at_cool.haxx.se>
Date: Fri, 8 Sep 2017 16:26:07 -0700

Hey, I am looking at an issue with libcurl where it seems that very long
cookies are getting truncated. I see that in lib/cookie.h there are these
two values: #define MAX_COOKIE_LINE 5000 and #define MAX_COOKIE_LINE_TXT
"4999" I am seeing if I get back a cookie of length more than 5000 that
libcurl is storing that cookie at the truncated value. Looking into RFC
2109 (https://www.ietf.org/rfc/rfc2109.txt) section 6.3 I see this line
"The information in a Set-Cookie response header must be retained in its
entirety. If for some reason there is inadequate space to store the
cookie, it must be discarded, not truncated." I am using libcurl 7.49.1
and I am seeing that cookies seem to get truncated when they are too long
instead of discarded, is this expected? Or has it been fixed in a later
version?

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-09-09